Unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
The present invention relates to secure cloud computing, and in particular, to systems and method for optimizing for financial cost, power consumption, and carbon dioxide (CO2) emissions related to executing an algorithm in a secure cloud computing environment.
Many types of applications can be deployed in various types of cloud computing environments. Cloud computing systems allow software developers and users to run large scale applications using multiple high-performance computers or processors, generically referred to herein as processing units, without incurring the capital investment or maintenance costs associated with owning and operating such systems. Instead, cloud computing service providers charge users to execute applications in their cloud computing environment based on the number of processors used during execution and the time it takes those processors to execute the application. Accordingly, to control the cost of execution, the constituent algorithms of a particular application are often implemented in a particular cloud computing environments with various constraints and predetermined optimizations. The constraints and optimizations are typically concerned with the execution time and the number of processors used, and the balance between the two in order to reduce the overall cost of execution and/or the runtime. In some scenarios, it is possible to sacrifice responsiveness of the application for lower cost. However, in other scenarios, it is of utmost importance that the results from a particular application be returned as quickly as possible. Under such circumstances, a user may be willing to pay a premium to the cloud computing service provider for a larger allocation of processing units to make the application execute faster.
Because of the many business and technical advantages associated with their performance and cost flexibility, cloud computing systems are experiencing an increase in popularity. However, due to the nature of cloud computing that requires information to be transmitted to the cloud, many users are reluctant to execute applications with sensitive or proprietary data without first encrypting their portion of the data used. To address this need, various solutions for secure two-party computation have been developed. Secure two-party computation allows two parties to execute a function or algorithm in a cloud computing environment using private inputs without revealing their private inputs or relying on a trusted third party. Secure computation has many applications. For example, secure computation has been successfully deployed in various commercial, industrial, and financial settings.
While various protocols still compete for the best performance in secure computation, some advancement has been made in further improving performance of securely executing various applications by mixing security protocols used by the individual the sub operations of an application. For example, a security protocol can be selected for each of the sub operations of an application in order to optimize the time and/or cost of executing application as a whole. One particular example of secure cloud computing uses automatic selection of mixed security protocols for execution of sub operations. In such systems, linear programs are generated based on a performance models of the individual sub operations in the could computing configurations to be used (e.g., the number of processing units allocated for execution) to determine the mix of garbled circuit and the homomorphic encryption security protocols. FIG. 1 shows one example data flow 100 for partitioning the sub operations with mixed security protocols such that the runtime is minimized using a linear program based on a predetermined performance model.
As shown in FIG. 1, the data flow 100 begins with an application or, more generically, an algorithm 101, that is to be executed in a secure cloud computing environment. The algorithm 101 can be converted into a number of individual statements 105 of sub operations of the algorithm 101. The number of statements is arbitrary and can include up to N statements and be based on the size and complexity of the algorithm 101. Typically, each of the statements 105 is an expression that is converted according to a predetermined statement format, such as a single static assignment (SSA) statement format 115. In some systems, each of the converted SSA statements are predetermined such that the SSA operation cost value calibration 110 can be determined. The calibrated cost values of the SSA operation cost value calibration 110 are typically associated with the runtime of executing a corresponding SSA statement using a particular security protocol in a given configuration of the cloud. The SSA operation cost value calibration 110 is then be provided to the performance model 130. The performance model includes routines for predictively determining the costs values associated with executing a particular SSA statement in a particular security protocol within a specified cloud computing configuration. For example, the performance model 130 often includes routines for predicting the cost of executing a particular algorithm in terms of runtime based on the runtimes of all SSA statements. The linear program 140 may be set to generate a partitioning vector 125 that represents the assignment of a particular security protocol 120 to each one of the corresponding statements 105 in SSA format to minimize the runtime. In systems in which two security protocols are available, e.g. garbled circuits and homomorphic encryption, the partitioning vector 125 can be represented by a vector of binary values in which each one of the binary values is set to one of the available security protocols. The statements 105 in SSA format representing the algorithm 101 are then sent to the cloud computing environment for execution using security protocols defined by the partitioning vector to achieve the optimal or shortest runtime.
While runtime is an important factor with respect to performance of an algorithm, various regulatory and market forces, and consumer demands, have increased the pressure to optimize the execution algorithms in a cloud computing environment according to other factors. For example, it is becoming increasingly more important to be able to label or market execution of various cloud computing applications as being “green” with respect to CO2 emissions, while also offering the best possible value with respect to direct and indirect costs associated with executing the applications in the cloud. Because some factors, such as runtime and power consumption, do not track linearly with CO2 emissions and financial costs, it can be difficult to predict the associated costs values using traditional techniques. The runtime associated with executing a particular algorithm may be inversely proportional to the number of cloud processors being used for particular execution. However, the CO2 emissions generated by such a configuration of processors may be greater than if the algorithm is executed using fewer processors because the additional processors maybe powered by a power plant with higher CO2 emissions. Furthermore, the pricing structures published by the cloud computing service providers often do not track the number of processing units linearly. As such, the cost of a one or two additional processing units to decrease overall runtime maybe disproportionate to the cost of the base number of processing units. Accordingly, the interaction of the various costs values is complex.
Thus, there is a need for improved optimization of CO2 emissions and financial costs for algorithms executed in a cloud computing environment.